IT GRC Manager (IT Governance, Risk and Compliance)

lux-Airport – Société de l’Aéroport de Luxembourg SA is the company that operates Luxembourg’s national airport. It provides a safe, high‑performance infrastructure for air transport of passengers and goods, and develops the surrounding areas in terms of activities and facilities. In 2024 it welcomed some 5.4 million passengers and handled 830 468 tonnes of freight, ranking among the top freight hubs in Europe.

Working for lux-Airport means working in an exciting and stimulating environment, adopting a respectful, committed, solution‑oriented and optimistic mindset. This approach fosters personal fulfillment and creates a working environment where individuals can develop their full potential and expertise, reflecting our “Just Culture”.

We are recruiting an IT GRC Manager (IT Governance, Risk and Compliance).

• Develop and maintain an IT governance framework aligned with the company’s strategic objectives.
• Define IT policies, standards and procedures in collaboration with stakeholders.
• Monitor KPIs and produce reports to assess the effectiveness of IT governance.
• Identify, assess and prioritise risks relating to information systems and digital infrastructures.
• Implement and monitor risk mitigation plans, carrying out impact analyses and proposing solutions to strengthen IT resilience.
• Ensure compliance with standards such as ISO 27001, RGPD, PCI‑DSS and other applicable regulations.
• Organise and supervise internal and external IT audits, maintaining complete and up‑to‑date documentation of compliance processes.
• Work with cyber security teams to integrate necessary controls into IT systems, identifying vulnerabilities and proposing improvements to minimise security risks.
• Train employees in good IT security and compliance practices, acting as a key liaison between IT teams, business departments and senior management.
• Organise awareness sessions on IT risks and compliance requirements, preparing regular reports to inform management of progress and potential risks.
• Participate in inclusion initiatives (e.g. Hidden Disabilities Sunflower project, for people with invisible disabilities).
• Participate in the integration of new employees and in waste sorting and energy saving through responsible behaviour.

Master’s degree in computer science, information systems management or equivalent.

Relevant certifications, such as CISM, CISA, CRISC, or ISO 27001 Lead Implementer / Auditor.

Minimum 5 years’ experience in a similar role or in IT risk management, compliance or information security.

Experience in project management and coordination with multidisciplinary teams.

• IT tools – Mandatory: Microsoft Office suite.
• Languages – Mandatory:
  • French: fluent spoken and written (C1 minimum).
  • English: operational in the business – advanced level (B2 minimum).
• Know‑how and interpersonal skills specific to the job – Analytical skills, good interpersonal skills, teamwork and collaboration.
• Other – Good knowledge of IT governance frameworks (COBIT, ITIL, etc.), expertise in IT risk management and cybersecurity, experience with GRC tools, in‑depth knowledge of security and data protection standards and regulations, valid permanent B driving licence.

A compensation based on a salary scale, plus fringe benefits. A chance to work for a prestigious, stable and growing Luxembourg company with an international dimension.

The whole application process is managed by Skeeled. Our recruitment team will contact you in case your profile matches our needs. Thank you in advance for your understanding.